When it sees this host, Propellor adds its IP addresses to the example.com
DNS zone file, for both its main hostname ("blue.example.com"), and also its
relevant aliases. (The .museum alias would go into a different zone file.)

Multiple hosts can define the same alias, and then you automaticlly get
round-robin DNS.

The web server part of of the blue.example.com config can be cut and
pasted to another host in order to move its web server to the other host,
including updating the DNS. That's really all there is to is, just cut,
paste, and commit!

I'm quite happy with how that worked out. And curious if Puppet etc
have anything similar.

One tricky part of this was how to ensure that the serial number automtically
updates when changes are made. The way this is handled is Propellor starts
with a base serial number (100 in the example above), and then it adds to it
the number of commits in its git repository. The zone file is only updated
when something in it besides the serial number needs to change.

The result is nice small serial numbers that don't risk overflowing the
(so 90's) 32 bit limit, and will be consistent even if the configuration
had Propellor setting up multiple independent master DNS servers for the
same domain.

Another recent feature in Propellor is that it can use Obnam
to back up a directory. With the awesome feature that if
the backed up directory is empty/missing,
Propellor will automcatically restore it from the backup.

Here's how the backedup property used in the example above
might be implemented:

Which of course ties back into the DNS and gets this hostname set in it.
But also, the ssh public key is available for this host and visible to the
DNS zone file generator, and that could also be set in the DNS, in a SSHFP
record. I haven't gotten around to implementing that, but hope at some
point to make Propellor support DNSSEC, and then this will all combine even
more nicely.

By the way, Propellor is now up to 3 thousand lines of code
(not including Utility library). In 20 days, as a 10% time side project.